Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo

All

  • All
back

Connection Manager

Amazon Web Services (AWS)

search

Amazon Web Services (AWS)

AWS connections to the CipherTrust Data Security Platform Service can be configured using the following:

Managing AWS Connections using GUI

  • Access Key ID - an access key is a long-term credential for an AWS account root user. An access key consists of two parts: an access key ID and a secret access key (pretty much like a user name and password). This is the user name part.

  • Secret Access Key – this is the password part of the access key. Select the Show Secret Access Key check box to view the password as open text.

  • Cloud Name - the name of the AWS cloud to connect to. Currently, only the following options are available:

    • AWS

    • AWS China

  • Assume Role - the AWS Assume Role. For more details, refer to the AWS documentation.

  • Assume Role External ID - the external ID for an IAM role in AWS (Assume Role). This is something that you may want to use when you need to give access to your AWS resources to a third party. For more details, refer to the AWS documentation.

For IAM Roles Anywhere, select the IAM Roles Anywhere checkbox and provide the following information:

  • Cloud Name - the name of the AWS cloud to connect to. Currently, only the following options are available:

    • AWS

    • AWS China

  • Assume Role - the AWS Assume Role. For more details, refer to the AWS documentation.

  • Assume Role External ID - the external ID for an IAM role in AWS (Assume Role). This is something that you may want to use when you need to give access to your AWS resources to a third party. For details, refer to AWS documentation.

Click next to proceed to IAM Configuration tab and provide the following details:

  • Certificate - either upload the external certificate or paste the certificate content.

    • File Upload - select and click Certificate Upload to upload the certificate from your machine.

    • Text - select and paste the certificate content in the text field.

  • Private Key - specify the private key associated with the certificate.

  • Role - specify AWS IAM Anywhere Role ARN.

  • Profile - specify AWS IAM Anywhere Profile ARN.

  • Trust Anchor - specify AWS IAM Anywhere Trust Anchor ARN.

Click Test Credentials to check whether the connection is configured correctly. If the test is successful, the status is OK else the status is Fail.

Click Next to move to the Add Products screen of the Add Connection wizard.

Managing AWS Connections using ksctl

When you interact with AWS, you specify your AWS security credentials to verify who you are and whether you have permission to access the resources that you are requesting. AWS uses the security credentials to authenticate and authorize your requests.

There are different types of users in AWS. All AWS users have security credentials. There is the account owner (root user), users in AWS IAM Identity Center (successor to AWS Single Sign-On), federated users, and IAM users.

Users can have either long-term or temporary security credentials. For more details, refer to AWS security credentials.

The following operations can be performed:

  • Create/Get/Update/Delete an AWS connection

  • List all AWS connections

  • Test an existing AWS connection

  • Test the new AWS connection parameters before establishing the connection

Creating an AWS Connection

In AWS, the Root user, IAM user, and access keys have long-term security credentials that do not expire. Long-term credentials are persistent and can be used to sign programmatic requests to the AWS CLI, AWS SDKs, or AWS APIs. It's important to note that these credentials have significant power and should be protected and managed carefully, as they provide full access to the associated AWS account.

Syntax

ksctl connectionmgmt aws create --name <connection-name> --clientid <access-key-id> --secret <aws-client-secret> --assumerolearn <assume-role-arn> --assumeroleexternalid <assume-role-external-id> --cloudname <cloud-name> --description <description> --meta <key:value> --products <products-names> --json-file <connection-information-in-JSON-format-via-file>

Example

ksctl connectionmgmt aws create --name aws-connection --clientid AKIAJBLNQGTQFOWDRSRQ --secret DHZc9bi/rrJZW3PRfWrkgn3KYVMDyI1bnedKPmlwU

Response

{
    "id": "7b736162-3330-49f3-b631-044e107df033",
    "uri": "kylo:kylo:connectionmgmt:connections:aws-connection-7b736162-3330-49f3-b631-044e107df033",
    "account": "kylo:kylo:admin:accounts:kylo",
    "createdAt": "2022-08-17T08:46:58.29948682Z",
    "channel": "",
    "updatedAt": "2022-08-17T08:46:58.296588992Z",
    "service": "aws",
    "category": "cloud",
    "last_connection_ok": null,
    "last_connection_at": "0001-01-01T00:00:00Z",
    "name": "aws-connection",
    "access_key_id": "AKIAJBLNQGTQFOWDRSRQ",
    "cloud_name": "aws",
    "aws_sts_regional_endpoints": "legacy",
    "aws_region": "us-east-1"
}

The AWS Identity and Access Management (IAM) Roles Anywhere enables obtaining temporary security credentials in IAM for AWS resources such as servers, containers, and applications. The temporary security credentials are short-term and not stored with the user but are generated dynamically and provided to the user when requested. This simplifies the signing process for the applications. For more details, refer to What is AWS Identity and Access Management Roles Anywhere & Temporary security credentials in IAM. To create an AWS connection of type IAM Roles Anywhere, run:

Syntax

ksctl connectionmgmt aws create --name <connection-name> --iamroleanywhere <path-to-json-file> --isroleanywhere true

The iamroleanywhere field defines the parameters required to create a connection of type IAM Roles Anywhere. These parameters are:

  • anywhere_role_arn - AWS IAM Anywhere Role ARN.

  • certificate - The external certificate for AWS IAM Anywhere Cloud connections.

  • profile_arn - AWS IAM Anywhere Profile ARN.

  • trust_anchor_arn - AWS IAM Anywhere Trust Anchor ARN.

  • private_key - The private key associated with the certificate.

Note

When the trust_anchor_arn is created using a certificate issued from the CA of the CipherTrust Data Security Platform Service, private_key is not required while creating an AWS connection on the same CipherTrust Data Security Platform Service.

The iamroleanywhere fields are defined in the below "iamanywhere.json" file.

Set the isroleanywhere parameter to true to create connections of type AWS IAM Anywhere with temporary credentials.

Example

ksctl connectionmgmt aws create --name testconnection --iamroleanywhere iamanywhere.json --isroleanywhere true

Response

{
    "id": "740cff5c-44a1-4006-9e1c-d51e9ae0f4de",
    "uri": "kylo:kylo:connectionmgmt:connections:testcon-740cff5c-44a1-4106-9e1c-d51e9ae0f4de",
    "account": "kylo:kylo:admin:accounts:kylo",
    "createdAt": "2023-05-05T06:24:18.164586919Z",
    "updatedAt": "2023-05-05T06:24:18.155392895Z",
    "service": "aws",
    "category": "cloud",
    "last_connection_ok": null

    "last_connection_at": "0001-01-01T00:00:00Z",
    "name": "testcon",
    "cloud_name": "aws",
    "aws_sts_regional_endpoints": "legacy",
    "aws_region": "us-east-1",
    "is_role_anywhere": true,
    "iam_role_anywhere": {
        "certificate": "-----BEGIN CERTIFICATE-----\nMIICATCCAYagAwIBAgIUVMghsopD+cgubEYjpvB96oOeSHwwCgYIKoZIzj0EAwQw\nXTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk5ZMREwDwYDVQQHEwhOZXcgWW9yazEP\nMA0GA1UEChMGVzMQwwCgYDVQQLEwNESVMxDzANBgNVBAMTBlRoYWxlczAe\nFw0yMzAxMDMxMDE1NTBaFw0yNDAxMDMxMDE1NTBaMEQxCzAJBgNVBAYTAlVTMQ8w\nDQYDVQQKDAZUaGFsZXMxEzARBgNVBAMMClRoYWxlcy5jb20xDzANBgNVBAsMBkRJ\nU19EUzB2MBAGByqGBSuBBAAiA2IABIt5e3BVMVAdNfTGslhkhbLlqJiA\nvO0ECgAlClTwzILZalsczZ0256PVWD9+q4DXRXVzUSKMHJTvD2dfxzU3Ze9AP92h\nz7PXr+AiBcyoz03kcqd4eInt8cVbI8iA0yk1xqMgMB4wDAYDVR0TAQH/BAIwADAO\nBgNVHQ8BAf8EBAMCB4AwCgYIKoZIzj0EAwQDaQAwZgIxAO3YZ5spj2Nnkb5ycuI0\nsz4CYbt5/Akw6XCIkj676ExyhRlBHs3MnYocD1dqJIHbcgIxAPbMcFe0ntWfe+hm\nsGYqabQmzwJaewriq3qmmThs8MPx8k7F9N6sKdiC7fI8d2XAsA==\n-----END CERTIFICATE-----",
        "trust_anchor_arn": "arn:aws:rolesanywhere:us-east-1:306778697945:trust-anchor/944e70c0-a0b9-4cb9-97fd-0b8ff46d43ad",
        "profile_arn": "arn:aws:rolesanywhere:us-east-1:306778697945:profile/0d90fe36-1977-4ff8-886d-8c84b5a922ed",
        "anywhere_role_arn": "arn:aws:iam::306778697945:role/RolesAnywhere_Tester"
    }
}

iamanywhere.json

{
    "anywhere_role_arn": "arn:aws:iam::301888698005:role/RolesAnywhere_Test",
    "profile_arn": "arn:aws:rolesanywhere:us-east-1:306778600005:profile/0d90fe36-1977-4ff8-886d-8c84b5a922ed",
    "trust_anchor_arn": "arn:aws:rolesanywhere:us-east-1:300008697945:trust-anchor/988e70c0-a0b9-4cb9-97fd-0b8ff46d53ad",
    "certificate": "-----BEGIN CERTIFICATE-----\nMIICATCCAYagAwIBAgIUVMghsopD+cgubEYjpvB96oOeSHwwCgYIKoZIzj0EAwQw\nXTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk5ZMREwDwYDVQQHEwhOZXcgWW9yazEP\nMA0GA1UEChMGVGhhbGVzMQwwCgYDVQQLEwNESVMxDzANBgNVBAMTBlRoYWxlczAe\nFw0yMzAxMDMxMDE1NTBaFw0yNDAxMDMxMDE1NTBaMECzAJBgNVBAYTAlVTMQ8w\nDQYDVQQKDAZUaGFsZXMxEzARBgNVBAMMClRoYWxlcy5jb20xDzANBgNVBAsMBkRJ\nU19EUzB2MBAGBqGSM49AgEGBSuBBAAiA2IABIt5e3BVMVAdNfTGslhkhbLlqJiA\nvO0ECgAlClTwzILZalsczZ0256PVWD9+q4DXRXVzUSKMHJTvD2dfxzU3Ze9AP92h\nz7PXr+AiBcyoz03kcqd4eInt8cVbI8iA0yk1xqMgMB4wDAYDVR0TAQH/BAIwADAO\nBgNVHQ8BAf8EBAMCB4AwCgYIKoZIzj0EAwQDaQAwZgIxAO3YZ5spj2Nnkb5ycuI0\nsz4CYbt5/Akw6XCIkj676ExyhRlBHs3MnYocD1dqJIHbcgIxAPbMcFe0ntWfe+hm\nsGYqabQmzwJaewriq3qmmThs8MPx8k7F9N6sKdiC7fI8d2XAsA==\n-----END CERTIFICATE-----",
    "private_key": "-----BEGIN EC PARAMETERS-----\nBgUrgQQAIg==\n-----END EC PARAMETERS-----\n-----BEGIN EC PRIVATEKEY-----\nMIGkAgEBBDBZ2dIjpkmoQ5JGNjpHq0rdzKOFRDjP3nCSLhlZtrLDrhREY3CGiqX\nc/7hJFA49pugBwYFK4EEACKhZANiAASLeXtwVTFQHTX0xrJYZIWy5aiYgLztBAoA\nJQpU8MyC2WpbHM2dNuej1Vg/fquA10V1c1EijByU7w9nX8c1N2XvQD/doc+z16/g\nIgXMqM9N5HKneHiJ7fHFWyPIgNMpNcY=\n-----END EC PRIVATE KEY-----"
}

Getting Details of an AWS Connection

To get details of an AWS connection, run:

Syntax

ksctl connectionmgmt aws get --id <connection-name/Id>

Example

ksctl connectionmgmt aws get --id 5c7a0dab-6358-42dd-8809-257a96f0c010

Response

{
    "id": "5c7a0dab-6358-42dd-8809-257a96f0c010",
    "uri": "kylo:kylo:connectionmgmt:connections:aws-connection-5c7a0dab-6358-42dd-8809-257a96f0c010",
    "account": "kylo:kylo:admin:accounts:kylo",
    "createdAt": "2022-08-22T08:35:45.766632Z",
    "updatedAt": "2022-08-22T08:43:25.392906Z",
    "service": "aws",
    "category": "cloud",
    "last_connection_ok": null,
    "last_connection_at": "0001-01-01T00:00:00Z",
    "name": "aws-connection",
    "access_key_id": "AKIAJBLNQGTQFOWDRSRQ",
    "cloud_name": "aws",
    "aws_sts_regional_endpoints": "legacy",
    "aws_region": "us-east-1"
}

Updating an AWS Connection

Note

When updating an AWS connection, you cannot update the connection type, that is, a connection generated with short-term credentials cannot be updated with the long-term credentials and vice versa.

To update an AWS connection, run:

Syntax

ksctl connectionmgmt aws modify --id <connection-name/Id> --clientid <access-key-id> --secret <aws-client-secret> --assumerolearn <assume-role-arn> --assumeroleexternalid <assume-role-external-id> --cloudname <cloud-name> --description  <description> --meta <key:value> --products <products-names> --json-file <connection-information-in-JSON-format-via-file>

Example

ksctl connectionmgmt aws modify --id 5c7a0dab-6358-42dd-8809-257a96f0c010 --clientid newclientid

Response

{
    "id": "5c7a0dab-6358-42dd-8809-257a96f0c010",
    "uri": "kylo:kylo:connectionmgmt:connections:aws-connection-5c7a0dab-6358-42dd-8809-257a96f0c010",
    "account": "kylo:kylo:admin:accounts:kylo",
    "createdAt": "2022-08-22T08:35:45.766632Z",
    "updatedAt": "2022-08-22T08:42:46.803919148Z",
    "service": "aws",
    "category": "cloud",
    "last_connection_ok": null,
    "last_connection_at": "0001-01-01T00:00:00Z",
    "name": "aws-connection",
    "access_key_id": "newclientid",
    "cloud_name": "aws",
    "aws_sts_regional_endpoints": "legacy",
    "aws_region": "us-east-1"
}

To update an AWS connection of type IAM Roles Anywhere, run:

Syntax

ksctl connectionmgmt aws modify --id <connection-name/id> --iamroleanywhere <path-to-json-file>

Example

ksctl connectionmgmt aws modify --id 5da3c67e-8f28-4468-b733-709c0367cee2 --iamroleanywhere update.json

Response

 {
  "id": "740cff5c-44a1-4006-9e1c-d51e9ae0f4de",
  "uri": "kylo:kylo:connectionmgmt:connections:testcon-740cff5c-44a1-4106-9e1c-d51e9ae0f4de",
  "account": "kylo:kylo:admin:accounts:kylo",
  "createdAt": "2023-05-05T06:24:18.164586919Z",
  "updatedAt": "2023-05-05T06:24:18.155392895Z",
  "service": "aws",
  "category": "cloud",
  "last_connection_ok": null,
  "last_connection_at": "0001-01-01T00:00:00Z",
  "name": "testcon",
  "cloud_name": "aws",
  "aws_sts_regional_endpoints": "legacy",
  "aws_region": "us-east-1",
  "is_role_anywhere": true,
  "iam_role_anywhere": {
    "certificate": "-----BEGIN CERTIFICATE-----\nMIICATCCAYagAwIBAgIUVMghsopD+cgubEYjpvB96oOeSHwwCgYIKoZIzj0EAwQw\nXTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk5ZMREwDwYDVQQHEwhOZXcgWW9yazEP\nMA0GA1UEChMGVzMQwwCgYDVQQLEwNESVMxDzANBgNVBAMTBlRoYWxlczAe\nFw0yMzAxMDMxMDE1NTBaFw0yNDAxMDMxMDE1NTBaMEQxCzAJBgNVBAYTAlVTMQ8w\nDQYDVQQKDAZUaGFsZXMxEzARBgNVBAMMClRoYWxlcy5jb20xDzANBgNVBAsMBkRJ\nU19EUzB2MBAGByqGBSuBBAAiA2IABIt5e3BVMVAdNfTGslhkhbLlqJiA\nvO0ECgAlClTwzILZalsczZ0256PVWD9+q4DXRXVzUSKMHJTvD2dfxzU3Ze9AP92h\nz7PXr+AiBcyoz03kcqd4eInt8cVbI8iA0yk1xqMgMB4wDAYDVR0TAQH/BAIwADAO\nBgNVHQ8BAf8EBAMCB4AwCgYIKoZIzj0EAwQDaQAwZgIxAO3YZ5spj2Nnkb5ycuI0\nsz4CYbt5/Akw6XCIkj676ExyhRlBHs3MnYocD1dqJIHbcgIxAPbMcFe0ntWfe+hm\nsGYqabQmzwJaewriq3qmmThs8MPx8k7F9N6sKdiC7fI8d2XAsA==\n-----END CERTIFICATE-----",
    "trust_anchor_arn": "arn:aws:rolesanywhere:us-east-1:306778697945:trust-anchor/944e70c0-a0b9-4cb9-97fd-0b8ff46d43ad",
    "profile_arn": "arn:aws:rolesanywhere:us-east-1:306778697945:profile/0d90fe36-1977-4ff8-886d-8c84b5a922ed",
    "anywhere_role_arn": "arn:aws:iam::300000000000:role/RolesAnywhere"
  }
}

update.json

{ 
    "anywhere_role_arn": "arn:aws:rolesanywhere:us-east-1:306778697945:profile/00000000-0000-0000-0000-000000000000" 
}

Deleting an AWS Connection

To delete an AWS connection, run:

Syntax

ksctl connectionmgmt aws get --id <connection-name/Id>

Example

ksctl connectionmgmt aws get --id 5c7a0dab-6358-42dd-8809-257a96f0c010

There will be no response if the AWS connection is deleted successfully.

Getting List of AWS Connections

To list all the AWS connections, run:

Syntax

ksctl connectionmgmt aws list

Example

ksctl connectionmgmt aws list

Response

{
    "skip": 0,
    "limit": 10,
    "total": 1,
    "resources": [
            {
                    "id": "5c7a0dab-6358-42dd-8809-257a96f0c010",
                    "uri": "kylo:kylo:connectionmgmt:connections:aws-connection-5c7a0dab-6358-42dd-8809-257a96f0c010",
                    "account": "kylo:kylo:admin:accounts:kylo",
                    "createdAt": "2022-08-22T08:35:45.766632Z",
                    "updatedAt": "2022-08-22T08:43:25.392906Z",
                    "service": "aws",
                    "category": "cloud",
                    "last_connection_ok": null,
                    "last_connection_at": "0001-01-01T00:00:00Z",
                    "name": "aws-connection",
                    "access_key_id": "AKIAJBLfdgTQFOWDRSRQ",
                    "cloud_name": "aws",
                    "aws_sts_regional_endpoints": "legacy",
                    "aws_region": "us-east-1"
            }
    ]
}

To list all the AWS connections of type IAM Anywhere, run:

Syntax

ksctl connectionmgmt aws list --isroleanywhere true

Example

ksctl connectionmgmt aws list --isroleanywhere true

Response

{
    "skip": 0,
    "limit": 10,
    "total": 1,
    "resources": [
        {
            "id": "e0036191-7c11-4c18-9152-dcfc6ab423b7",
            "uri": "kylo:kylo:connectionmgmt:connections:demoiamanywhere-e0036191-7c11-4c18-9152-dcfc6ab423b7",
            "account": "kylo:kylo:admin:accounts:kylo",
            "createdAt": "2023-05-08T08:49:23.134714Z",
            "updatedAt": "2023-05-08T08:49:23.133589Z",
            "service": "aws",
            "category": "cloud",
            "last_connection_ok": null,
            "last_connection_at": "0001-01-01T00:00:00Z",
            "name": "testconnection",
            "meta": null,
            "cloud_name": "aws",
            "aws_sts_regional_endpoints": "legacy",
            "aws_region": "us-east-1",
            "is_role_anywhere": true,
            "iam_role_anywhere": {
                "certificate": "-----BEGIN CERTIFICATE-----\nMIICATCCAYagAwIBAgIUVMghsopD+cgubEYjpvB96oOeSHwwCgYIKoZIzjEAwQw\nXTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk5ZMREwDwYDVQQHEwhOZXcgWW9yazEP\nMA0GA1UEChMGVGhhbGVzMQwwCgYDVQQLEwNESVMxDzANBgNVBAMTBlRoYWxlczAe\nFw0yMzAxMDMxMDE1NTBaFw0yNDAxMDMxMDE1NTBaMEQxCzBgNVBAYTAlVTMQ8w\nDQYDVQQKDAZUaGFsZXMxEzARBgNVBAMMClRoYWxlcy5jb20xDzANBgNVBAsMBkRJ\nU19EUzB2MBAGByqGSM49AgEGBSuBBAAiA2IABIt5e3BVMVAdNfTGslhkhbLlqJiA\nvO0ECgAlClTwzILZalsczZ0256PVWDq4DXRXVzUSKMHJTvD2dfxzU3Ze9AP92h\nz7PXr+AiBcyoz03kcqd4eInt8cVbI8iA0yk1xqMgMB4wDAYDVR0TAQH/BAIwADAO\nBgNVHQ8BAf8EBAMCB4AwCgYIKoZIzj0EAwQDaQAwZgIxAO3YZ5spj2Nnkb5ycuI0\nsz4CYbt5/Akw6XCIkj676ExyhRlBHs3MnYocD1dqJIHbcgIxAPbMcFe0ntWfe+hm\nsGYqabQmzwJaewriq3qmmThs8MPx8k7F9N6sKdiC7fI8d2XAsA==\n-----END CERTIFICATE-----",
                "trust_anchor_arn": "arn:aws:rolesanywhere:us-east-1:306778697945:trust-anchor/944e70c0-a0b9-4cb9-97fd-0b8ff46d43ad",
                "profile_arn": "arn:aws:rolesanywhere:us-east-1:306778697945:profile/0d90fe36-1977-4ff8-886d-8c84b5a922ed",
                "anywhere_role_arn": "arn:aws:iam::306778697945:role/RolesAnywhere_Tester"
            }
        }
    ]
}

Testing an Existing AWS Connection

To test an existing AWS connection, run:

Syntax

ksctl connectionmgmt aws test --id <connection-name/Id>

Example

ksctl connectionmgmt aws test --id 5c7a0dab-6358-42dd-8809-257a96f0c010

Response

{
    "connection_ok": true
}

Testing a New AWS Connection

To test the parameters of a new AWS connection, run:

Syntax

ksctl connectionmgmt aws test --clientid <access-key-id> --secret <aws-client-secret> --assumerolearn <assume-role-arn> --assumeroleexternalid <assume-role-external-id> --cloudname <cloud-name>

Example

ksctl connectionmgmt aws create --name aws-connection --clientid AKIAJBLNQGTQFOWDRSRQ --secret DHZc9bi/rrJZW3PRfWrkgn3KYVMDyI1bnedKPmlwU

Response

{
    "connection_ok": true
}

To test the parameters of a new AWS connection of type IAM Anywhere, run:

Syntax

ksctl connectionmgmt aws test --iamroleanywhere <path-to-json-file> --isroleanywhere true

Example

ksctl connectionmgmt aws test --iamroleanywhere iamanywhere.json --isroleanywhere true

iamanywhere.json

{
    "iam_role_anywhere": {
        "anywhere_role_arn": "arn:aws:iam::306778697945:role/RolesAnywhere_Test",
        "profile_arn": "arn:aws:rolesanywhere:us-east-1:306778697700:profile/0d90fe36-1977-4ff8-886d-8c84b5a922ed",
        "trust_anchor_arn": "arn:aws:rolesanywhere:us-east-1:306778670045:trust-anchor/944e70c0-a0b9-4cb9-97fd-0b8ff46d43ad",
        "certificate": "-----BEGIN CERTIFICATE-----\nMIICATCCAYagAwIBAgIUVMghsopD+cgubEYjpvB96oOeSHwwCgYIKoZIzj0EAwQw\nXTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk5ZMREwDwYDVQQHEwhOZXcgWW9yazEP\nMA0GA1UEChMGVGhhbGVzMQwwCgYDVQQLEwNESVMxDzANBgNVBAMTBlRoYWxlczAe\nFw0yMzAxMDMxMDE1NTBaFw0yNDAMDMxMDE1NTBaMEQxCzAJBgNVBAYTAlVTMQ8w\nDQYDVQQKDAZUaGFsZXMxEzARBgNVBAMMClRoYWxlcy5jb20xDzANBgNVBAsMBkJ\nU19EUzB2MBAGByqGSMAgEGBSuBBAAiA2IABIt5e3BVMVAdNfTGslhkhbLlqJiA\nvO0ECgAlClTwzILZalsczZ0256PVWD9+q4DXRXVzUSKMHJTvD2dfxzU3Ze9AP92h\nz7PXr+AiBcyoz03kcqd4eInt8cVbI8iA0yk1xqMgMB4wDAYDVR0TAQH/BAIwADAO\nBgNVHQ8BAf8EBAMCB4AwCgYIKoZIzj0EAQDaQAwZgIxAO3YZ5spj2Nnkb5ycuI0\nsz4CYbt5/Akw6XCIkj676ExyhRlBHs3MnYocD1dqJIHbcgIxAPbMcFe0ntWfe+hm\nsGYqabQmzwJaewriq3qmmThs8MPx8k7F9N6sKdiC7fI8d2XAsA==\n-----END CERTIFICATE-----",
        "private_key": "-----BEGIN EC PARAMETERS-----\nBgUrgQQAIg==\n-----END EC PARAMETERS-----\n-----BEGIN EC PRIVATE KEY-----\nMIGkAgEBBDBZ2dIjpkmoQ5JGNjpHq0rdz4KOFRbfbdfjP3nCSLhlZtrLDrhRCGiqX\nc/7hJFA49pugBwYFK4EEACKhZANiAASLeXtwVTFQHTX0xrJYZIWy5aiYgLztBAoA\nJQpU8MyC2WpbHM2dNuej1Vg/fquA10V1c1EijByU7w9nX8c1N2XvQD/doc+z16/g\nIgXMqM9N5HKneHiJ7fHFWyPIgNMpNcY=\n-----END EC PRIVATE KEY-----"
    },
    "is_role_anywhere": true
}

Response

{
    "connection_ok": true
}

On this page